At present, the digital lifestyle has been widely promoted and popularized. People's daily work, study and recreation have become attached to various types of application software. As a result, the security issue of software has received a great deal of attention.
In an attempt to steal privacy information, bank account information, and so on, from users, some attackers embed malicious code into benign software applications that the users may desire, or modify or delete part of the software code, through the method of software tampering. The modified software is then used to obtain the key information of the users for the benefit of the attackers. Software tampering frequently appears in games, online payment software, or social networking software. In order to prevent the use of this kind of tampering, verification of the software installed at a terminal device becomes important.
Conventional software verification methods for preventing software tampering simply verify all or part of the data of software to determine whether the verification result is correct or not, and thereby determine whether the software have been tampered with. However, because the software data used for verification is fixed, its correct verification result can be easily obtained by attackers who will then counterfeit the desired verification result based on their knowledge in order to pass the software verification. This would cause inaccuracy of the software verification results, and bring data security risks.